Reporting a Vulnerability

Danger

Found a security issue? Please don't post it publicly. Instead, follow our security policy to report it responsibly. This helps us fix the issue before it can be exploited.

How to Report

1. Don't open a public issue — this could put users at risk
2. Review our security policy for reporting guidelines
3. Follow the responsible disclosure process outlined there

We take security reports seriously and appreciate responsible disclosure.

What Happens Next

• We'll investigate and confirm the issue
• We'll work on a fix
• We'll coordinate disclosure once a fix is available
• We'll credit you (if you'd like) when we publish the advisory

Thank you for helping keep FOSSBilling safer for everyone who runs it.